wpa_supplicant: Handle MAC address randomization changes for same ESS

When MAC address randomization settings change we should use a new MAC
address even if we are associating to the same ESS.

For example, consider this scenario:
- hardware MAC is being used,
- we disconnect from the network,
- policy/style is changed via D-Bus to turn randomization on,
- we reconnect to the same network.

In the last step a randomized MAC address should be used.

Changes to the randomization settings include both changes to the
policy/style to be used and changes to the pregenerated MAC address
value in case of mac_addr==3.

Signed-off-by: Andrzej Ostruszka <amo@semihalf.com>
This commit is contained in:
Andrzej Ostruszka 2022-12-15 16:54:06 +01:00 committed by Jouni Malinen
parent 823cf218e4
commit bdbb6e0035

View file

@ -2237,16 +2237,25 @@ int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style,
u8 addr[ETH_ALEN]; u8 addr[ETH_ALEN];
os_get_reltime(&now); os_get_reltime(&now);
if (wpa_s->last_mac_addr_style == style && /* Random addresses are valid within a given ESS so check
/* Pregenerated addresses do not expire */ * expiration/value only when continuing to use the same ESS. */
wpa_s->last_mac_addr_style != 3 && if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) {
wpa_s->last_mac_addr_change.sec != 0 && if (style == 3) {
!os_reltime_expired(&now, &wpa_s->last_mac_addr_change, /* Pregenerated addresses do not expire but their value
* might have changed, so let's check that. */
if (os_memcmp(wpa_s->own_addr, ssid->mac_value,
ETH_ALEN) == 0)
return 0;
} else if (wpa_s->last_mac_addr_change.sec != 0 &&
!os_reltime_expired(
&now,
&wpa_s->last_mac_addr_change,
wpa_s->conf->rand_addr_lifetime)) { wpa_s->conf->rand_addr_lifetime)) {
wpa_msg(wpa_s, MSG_DEBUG, wpa_msg(wpa_s, MSG_DEBUG,
"Previously selected random MAC address has not yet expired"); "Previously selected random MAC address has not yet expired");
return 0; return 0;
} }
}
switch (style) { switch (style) {
case 1: case 1:
@ -2289,7 +2298,7 @@ int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style,
wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR, wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
MAC2STR(addr)); MAC2STR(addr));
return 0; return 1;
} }
@ -2436,9 +2445,12 @@ void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
wpa_s_setup_sae_pt(wpa_s->conf, ssid); wpa_s_setup_sae_pt(wpa_s->conf, ssid);
#endif /* CONFIG_SAE */ #endif /* CONFIG_SAE */
if (rand_style > 0 && !wpa_s->reassoc_same_ess) { if (rand_style > 0) {
if (wpas_update_random_addr(wpa_s, rand_style, ssid) < 0) int status = wpas_update_random_addr(wpa_s, rand_style, ssid);
if (status < 0)
return; return;
if (status > 0) /* MAC changed */
wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
} else if (rand_style == 0 && wpa_s->mac_addr_changed) { } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
if (wpas_restore_permanent_mac_addr(wpa_s) < 0) if (wpas_restore_permanent_mac_addr(wpa_s) < 0)